Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-18255

Опубликовано: 23 фев. 2017
Источник: redhat
CVSS3: 3.4
EPSS Низкий

Описание

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.

A vulnerability was found in the Linux kernel's kernel/events/core.c:perf_cpu_time_max_percent_handler() function. Local privileged users could exploit this flaw to cause a denial of service due to integer overflow or possibly have unspecified other impact.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1563069kernel: Integer overflow in events/core.c:perf_cpu_time_max_percent_handler() can allow for denial of service

EPSS

Процентиль: 27%
0.00093
Низкий

3.4 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-18255

CVSS3: 7.8
ubuntu
около 7 лет назад

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.

nvd логотип

CVE-2017-18255

CVSS3: 7.8
nvd
около 7 лет назад

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.

debian логотип

CVE-2017-18255

CVSS3: 7.8
debian
около 7 лет назад

The perf_cpu_time_max_percent_handler function in kernel/events/core.c ...

github логотип

GHSA-gjm4-57hm-j3hg

CVSS3: 7.8
github
около 3 лет назад

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.

oracle-oval логотип

ELSA-2019-4315

oracle-oval
больше 6 лет назад

ELSA-2019-4315: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 27%
0.00093
Низкий

3.4 Low

CVSS3